This guide provides a detailed 20‑item checklist for Linux server hardening—covering snapshots, account management, SSH key authentication, password policies, firewall rules, service reduction, kernel tweaks, logging, and verification scripts—to ensure a new production server is secure before it goes live.
The author recounts a multi‑day incident response to a ThinkPHP website that was compromised via a weak admin password, detailing how repeated data tampering, hidden scheduled‑task scripts, and a ransom message were investigated, mitigated, and finally contained through systematic hardening and monitoring.
This guide walks through a real incident where a Linux server was hijacked by a mining virus, detailing step‑by‑step emergency response, systematic forensic investigation, cleanup procedures, and hardening measures to prevent future breaches, complete with scripts and best‑practice recommendations.
This comprehensive guide walks operations engineers through why Apache security matters, presents core hardening strategies such as hiding server details, blocking directory traversal, enforcing strict security headers, limiting request sizes, and applying IP rate‑limiting, and provides advanced techniques, verification commands, common pitfalls, and an actionable checklist to build a resilient web server.
This guide provides a comprehensive, step‑by‑step hardening roadmap for Nginx, covering version hiding, directory protection, HTTPS enablement, custom error pages, CSP, file permissions, security headers, connection limits, IP whitelisting, SSL optimization, secure file uploads, common attack mitigations, logging best practices, and additional hardening measures to protect web services from a wide range of threats.
This guide walks through securing an Ubuntu 20.04 server by updating packages, changing the default SSH port, enforcing strong passwords, creating a non‑root user with sudo, disabling root login, enabling RSA key authentication, configuring the UFW firewall, and blocking ping requests.
This guide explains how to set up the free, open‑source Lynis tool on a CentOS 8 server, run comprehensive system audits, explore its command‑line options, and interpret the generated security reports to strengthen Linux host defenses.
This guide explains why the default SSH configuration is risky and provides eight practical measures—including disabling root login, changing the default port, restricting password use, and employing key‑based authentication—to secure SSH access on Linux servers.
This guide walks you through eight practical steps to secure SSH on a Linux server, including disabling root login, changing the default port, restricting empty passwords, limiting authentication attempts, enforcing protocol 2, disabling forwarding, using key‑based authentication, and applying IP‑based access controls.
Learn how to protect your Linux server by disabling root SSH login, changing the default port, enforcing strong passwords, limiting login attempts, using SSH protocol 2, disabling forwarding, employing key‑based authentication, and restricting access by IP, with clear commands and configuration examples.
This guide explains why the default SSH configuration on Linux is risky and provides eight concrete hardening measures—including disabling root login, changing the default port, enforcing key‑based authentication, limiting login attempts, and restricting access by IP—to secure your server against common attacks.
This guide explains what Lynis is, walks through installing it on CentOS 8, and demonstrates how to run full system audits, select specific test groups, and view detailed results, helping administrators harden Linux servers with a free open‑source tool.
This article provides a comprehensive, step‑by‑step tutorial for hardening a CentOS 7.7 server, covering complex password creation, password‑policy configuration, PAM strength settings, login‑attempt limits, disabling root SSH access, changing the SSH port, tightening security‑group rules, command‑history limits, log monitoring, and regular data backup procedures.
This guide walks you through essential CentOS 7.7 server hardening steps—including setting complex passwords, configuring password policies, enforcing password strength, limiting login attempts, disabling root SSH access, changing SSH ports, tightening firewall rules, managing command history, monitoring logs, and scheduling regular backups—to improve system security.
This article details a real‑world Linux rootkit intrusion, describing the symptoms, forensic analysis techniques, evidence uncovered, the underlying Awstats vulnerability, and a comprehensive remediation plan to secure the server and prevent future compromises.
The article outlines practical Elasticsearch security measures—including network isolation, removal of public IPs, non‑root operation, port changes, and user authentication with the open‑source Search Guard plugin—to protect against data leaks and unauthorized access.
After a sudden server crash, the author traced a ransomware note, uncovered a Bash Shellshock exploit through log analysis and crafted GET requests, verified the vulnerability, upgraded Bash, and applied post‑compromise hardening steps to fully recover the system.
MySQL has become a ransomware target because many servers expose the database to the internet with empty or weak passwords, so administrators should audit open ports, enforce strong authentication, restrict access via security groups or iptables, bind services to internal IPs, and avoid using root or high‑privilege accounts to harden MySQL, MongoDB, and Redis against compromise.
This article walks through a real-world Linux server compromise, detailing the attack symptoms, forensic analysis steps, rootkit discovery, exploitation of an Awstats script vulnerability, and practical remediation measures to restore and harden the affected system.
A sudden shutdown of an Alibaba Cloud server revealed it had been hijacked as a bot, prompting a step‑by‑step remediation that highlights the importance of basic security hardening such as securing Redis, changing default SSH settings, and enabling cloud monitoring alerts.
